Missing resources when running "puppet agent --noop" -
i may have misunderstood how "puppet agent --noop" works:
in definition of class set existence of file , set it's user&group ownership , have when united nations "puppet agent --noop" :
puppet agent --noop" works fine if file exists user or grouping doesn't exist, "puppet agent --noop" fails complaining missing user or group. if run "puppet agent" (without "--noop") works fine: doesn't matter if user, grouping or file exists or not previously: creates group, user and/or file. 1st question: suppose "--noop" run doesn't verify if catalog asking missing resources created. isn't it?
2nd question: there way kind of mocking avoid problem of missing resources when launching "--noop"?
let's paste code show it:
# yes, should improve virtual resources grouping { $at_group: ensure => "present" } user { $at_user: ensure => present, gid => "$at_group", require => group[$at_group], } file { '/etc/afile': owner => $at_user, grouping => $at_group, mode => '0440', content => template('......erb') require => user[$at_user] } output:
# puppet agent --test --noop info: retrieving plugin info: loading facts in /var/lib/puppet/lib/facter/puppet_vardir.rb info: loading facts in /var/lib/puppet/lib/facter/facter_dot_d.rb info: loading facts in /var/lib/puppet/lib/facter/pe_version.rb info: loading facts in /var/lib/puppet/lib/facter/root_home.rb info: caching catalog pagent02 info: applying configuration version '1403055383' notice: /stage[main]/agalindotest::install/group[my_group]/ensure: current_value absent, should nowadays (noop) notice: /stage[main]/agalindotest::install/user[my_user]/ensure: current_value absent, should nowadays (noop) error: not find user my_user error: /stage[main]/agalindotest::install/file[/etc/afile]/owner: alter 1001 my_user failed: not find user my_user error: not find grouping my_group error: /stage[main]/agalindotest::install/file[/etc/afiles]/group: alter 1001 my_group failed: not find grouping my_group let's show how works if file doesn't exist: "puppet agent --test --noop" works charm:
notice: /stage[main]/agalindotest::install/group[my_group]/ensure: current_value absent, should nowadays (noop) notice: /stage[main]/agalindotest::install/user[my_user]/ensure: current_value absent, should nowadays (noop) notice: /stage[main]/agalindotest::install/file[/etc/afile]/ensure: current_value absent, should file (noop) thanks lot!! / angel
unfortunately, there no way overcome limitation.
the ensure property doesn't fail on business relationship of missing owner - believe file end owned root. why output more pleasant when file doesn't exist.
as behavior existing file: each resource considered individually, , file resource must admit failure if grouping not exist when file evaluated. fact grouping (likely) created without noop cannot accounted for.
as thought of ignoring issue under noop conditions if there user resource - has merit, believe. raise feature request @ puppet's jira?
updateas of puppet 3.3 can utilize rely on $clientnoop value supplied agent along facter facts. please note tailoring manifest avoid failures in noop mode has 2 consequences.
noop runs becomes inaccurate, because "unsafe" property values not part of noop catalog you build manifest this:
# scenario not phone call virtual resources @ :-) grouping { $at_group: ensure => "present" } user { $at_user: ensure => present, gid => "$at_group", require => group[$at_group], } file { '/etc/afile': mode => '0440', content => template('......erb') # require => user[$at_user] # <- not needed @ all, puppet autorequires user , grouping } if ! $::clientnoop { file['/etc/afile'] { owner => $at_user, grouping => $at_group, } } the owner , group properties ignored in noop mode, pros , cons discussed above.
all things considered, sense not worth hassle @ all.
puppet
No comments:
Post a Comment